Wednesday, 2017-11-22

« Tuesday, 2017-11-21 Index Thursday, 2017-11-23 »
openstackgerritEmilien Macchi proposed openstack-infra/zuul-jobs master: zuul-cloner-shim: load python from the system  https://review.openstack.org/52209303:12
openstackgerritClark Boylan proposed openstack-infra/nodepool feature/zuulv3: Reorg non detailed instance listing columns  https://review.openstack.org/52210303:41
*** jkilpatr has quit IRC03:43
*** bhavik1 has joined #zuul05:26
*** openstackgerrit has quit IRC06:33
*** bhavik1 has quit IRC06:45
*** xinliang has quit IRC06:58
*** openstackgerrit has joined #zuul07:13
openstackgerritPaul Belanger proposed openstack-infra/zuul-jobs master: Setup virtualenv for zuul-cloner  https://review.openstack.org/52214507:13
*** xinliang has joined #zuul07:14
openstackgerritPaul Belanger proposed openstack-infra/zuul-jobs master: Setup virtualenv for zuul-cloner  https://review.openstack.org/52214507:20
*** isaacb has joined #zuul07:23
openstackgerritTobias Henkel proposed openstack-infra/zuul feature/zuulv3: Use username from node information if available  https://review.openstack.org/45398307:23
openstackgerritTobias Henkel proposed openstack-infra/zuul feature/zuulv3: Rename ssh_port to connection_port  https://review.openstack.org/50079907:23
openstackgerritTobias Henkel proposed openstack-infra/zuul feature/zuulv3: Use connection type supplied from nodepool  https://review.openstack.org/50197607:23
*** hashar has joined #zuul07:31
*** threestrands has quit IRC07:47
openstackgerritTristan Cacqueray proposed openstack-infra/zuul feature/zuulv3: web: add /{tenant}/jobs route  https://review.openstack.org/50327008:08
openstackgerritTristan Cacqueray proposed openstack-infra/zuul feature/zuulv3: web: add /{tenant}/builds route  https://review.openstack.org/46656108:08
openstackgerritTristan Cacqueray proposed openstack-infra/zuul feature/zuulv3: web: add Cache-Control to static files  https://review.openstack.org/52216308:08
openstackgerritRui Chen proposed openstack-infra/nodepool feature/zuulv3: Apply floating ip for node according to configuration  https://review.openstack.org/51887508:34
*** isaacb has quit IRC09:44
*** electrofelix has joined #zuul10:25
*** hashar is now known as hasharAway10:54
*** jkilpatr has joined #zuul12:15
*** pbrobinson has quit IRC12:29
*** pbrobinson has joined #zuul12:31
*** weshay_pto is now known as weshay12:58
openstackgerritMerged openstack-infra/nodepool feature/zuulv3: Apply floating ip for node according to configuration  https://review.openstack.org/51887513:38
tristanCso i'm setting up an openstack tenant to run a third-party-ci on zuul-jobs with container slaves... just got the first run that failed with the bindep role here: https://review.openstack.org/52221313:43
*** jasondotstar has quit IRC13:46
openstackgerritTristan Cacqueray proposed openstack-infra/zuul-jobs master: unittests: make bindep role optional  https://review.openstack.org/52225513:56
*** smyers has quit IRC14:04
openstackgerritTristan Cacqueray proposed openstack-infra/zuul-jobs master: revoke-sudo: only revoke when zuul is sudoer  https://review.openstack.org/52226114:05
*** smyers has joined #zuul14:11
*** jasondotstar has joined #zuul14:15
dmsimardtristanC: can you add it to the zuul-jobs pad ?14:17
tristanCdmsimard: it's already there, i'm adding review to proposed review14:19
dmsimardtristanC: ok14:19
dmsimardtristanC: where's the bindep failure? I don't see it14:20
tristanCdmsimard: it's on PS2, right before i added the depends-on 52225514:21
tristanCbtw, the third-party-ci-config is https://softwarefactory-project.io/r/gitweb?p=third-party-ci-config.git;a=tree14:21
dmsimardERROR: The executable /tmp/bindepkxXV7q/venv/bin/python2 could not be run: [Errno 13] Permission denied14:22
dmsimardweird ?14:22
tristanCand the test-unittests job is in https://softwarefactory-project.io/r/gitweb?p=third-party-ci-jobs.git;a=tree14:22
dmsimardtristanC: could that be related to the systemd tmpdir I told you about ?14:22
tristanCdmsimard: /tmp is noexec in this container14:22
*** jasondotstar has quit IRC14:23
dmsimardtristanC: hmm, you should probably match the container rules with the bubblewrap ones ?14:23
dmsimardI don't think it's a bad assumption to say we can run things from /tmp14:24
tristanCdmsimard: sure, just have to update L270 of https://review.openstack.org/#/c/468753/26/nodepool/driver/oci/provider.py14:26
tristanCdmsimard: things is, container likely do not want to use bindep to run unittest14:26
dmsimardbindep is a mechanism to install deps that might be required for python libraries installed by tox (which will then run unit tests)14:28
dmsimardThink like installing libxml/libxslt/openssl for crypto compilation14:28
dmsimardAre you expecting nothing to be installed in the container ? Maybe I'm not clear on the use case, I thought it was probably a VM replacement14:29
tristanCdmsimard: well yes, those oci containers are immutable, / is ro14:30
*** jasondotstar has joined #zuul14:31
tristanCi got to go now, be back tomorrow14:33
tristanCforgot to mention, the openstack tenant is setup like this: https://softwarefactory-project.io/r/gitweb?p=config.git;a=blob;f=zuulV3/openstack.yaml;hb=HEAD14:34
*** jasondotstar has quit IRC14:35
*** jasondotstar has joined #zuul14:45
*** _ari_ has quit IRC14:49
*** _ari_ has joined #zuul15:02
openstackgerritJan Kundrát proposed openstack-infra/zuul master: Prepare correct refspec on new Gerrit  https://review.openstack.org/43905715:21
*** bhavik1 has joined #zuul15:43
*** bhavik1 has quit IRC15:49
openstackgerritSean McGinnis proposed openstack-infra/zuul-jobs master: Update upload-npm credentials secret  https://review.openstack.org/52228415:49
SpamapSdmsimard: tmp might be mounted noexec?16:04
dmsimardSpamapS: that's what ended up being his problem, yes, but I'm not understanding the container use case properly I think16:05
dmsimardSpamapS: I thought the goal of the container driver was to be able to run fully-fledged jobs without an OpenStack cloud easily -- not sure what's the extent of the things we can run if the container is super locked down16:06
dmsimardWe're "bastardizing" the usage of a container here, don't get me wrong -- a container is supposed to be immutable, but it doesn't need to be16:06
*** haint has quit IRC16:07
dmsimardIt could mount volumes from from the bubblewrap environment or something, I dunno.16:07
SpamapSdmsimard: I think the idea is to have the container image ready to rock and roll and just start it up with some git volumed in, and run an executable.16:08
dmsimardSpamapS: in the general world, yes ? but in the context of CI, that executable is going to read and write things16:08
dmsimardwhether it's tox creating the venv and installing packages before running tests or other things16:09
SpamapSIMO we don't want "a container" from nodepool. We want a space to run a container.16:09
SpamapSBecause most cases want to start by building an image with the code on it.16:09
dmsimardI want something that isn't an OpenStack VM and I thought that the OCI driver was going to provide that :P16:09
dmsimardHaving an openstack cloud to run zuul/nodepool against is a huge barrier to entry16:10
SpamapSdmsimard: I have it on my todo to make a nodepool driver that provides k8s namespaces.16:10
dmsimardthat requires standing up a k8s which is probably a smaller barrier to entry than an openstack cloud16:11
dmsimardOCI containers are simple stupid16:11
SpamapSdmsimard: also another good use for containers is to get out of the untrusted prison.... so maybe there is a case for the mutable container.16:11
dmsimardit wouldn't scale very well, but with a mutable container option, I could technically have an all-in-one node with everything in it without requiring a cloud16:12
dmsimardand I think that could be cool, even if just to allow people to stand up and try out zuul/nodepool easily16:13
SpamapSYeah... another way to look at it though, is to explode the number of clouds you can run jobs on.16:13
SpamapSSo add AWS, GCE, VMware, Azure, Kubernetes, Docker Swarm... etc. etc.16:14
SpamapSbecause honestly.. allinone is really Jenkins's wheelhouse.16:14
dmsimardSpamapS: why do you think jenkins is popular ? :)16:14
dmsimardzuul/nodepool doesn't need to be complicated or expensive to run16:14
SpamapSI think an allinone that you're playing with could be fine with mostly trusted jobs.16:19
*** nguyentrihai has joined #zuul16:20
SpamapSdmsimard: can we back up. /tmp was noexec.. is that something OCI defines always?16:22
dmsimardSpamapS: the policy appears explicit, tristanC mentioned line 270 of this https://review.openstack.org/#/c/468753/26/nodepool/driver/oci/provider.py16:23
SpamapSdmsimard: awesome16:28
SpamapSso we can fix that :)16:28
SpamapSNow we need to step up one level, and get rid of the idea that nodes are always SSH targets.16:30
dmsimardmordred said he was going to start a thread on openstack-infra about that topic16:30
dmsimardಠ_ಠ16:30
rcarrillocruzthere's some work already fo that16:30
rcarrillocruztobiash started plumbin ansible_connection16:30
rcarrillocruzplumbing16:30
SpamapSYeah nodepool shouldn't necessarily know that though.16:31
jeblairokay, i'm going to take one more stab at this.  how zuul and nodepool should handle containers is a really important conversation to have, but it's really complicated.  if we want to release v3.0, we do not have time to have it now.  so let us, please, as a group, choose to work on one thing or the other.16:31
SpamapSBut definitely should be able to say "Here's connection info, type: x"16:31
jeblairSpamapS: my understanding is that you really want v3.0 released?16:32
SpamapSI want all the things, and perfection, and ponies. SO many ponies.16:32
dmsimardjeblair: we got into that discussion because tristanC is currently testing zuul-jobs from a third party perspective on the experimental OCI driver16:33
dmsimardWe don't need to shift all the manpower to containers at all :)16:33
jeblairwell, there is no guarantee that what tristanC is doing is going to end up in zuul in its current state16:33
jeblairthat's a risk tristanC knows16:34
jeblairi would prefer if we could all spend at least some of our time working to get v3.0 out the door16:34
jeblairsince that's a goal we've agreed on16:34
SpamapSjeblair: the problem I'm running into at this very moment, is two fold. 1) No v3.0 == no respect from demo watchers. 2) Users in my org are very wary of OpenStack, despite having access to a pretty stable OpenStack with thousands of HV's, and the first question they ask is "can I use it on ...." would like to (k8s, aws, gce, *)"16:34
rcarrillocruzmy undestanding is that nodepool drivers was not a short-term goal for release anyways16:34
jeblairSpamapS: i'm starting to spend more time telling people that we only just need a little more work to get v3.0 out the door than i am actually working on zuul16:35
SpamapSso yes, (1) is the first step, and since (1) is sort of out of my control in many ways, I tend to jump to (2) :-/16:35
jeblairSpamapS: it's not out of your control.  there are certainly things you can do to get v3.0 out the door16:35
SpamapSIf I can pick up a specific v3.0 task, I will have some time to do that this week.16:35
mnaseri've been a bit out of it for the past few days.  was there a fix put in to limit the number of dynamic reconfigs in zuul v3?16:37
jeblairand in the mean time, it would be really great if we could put a pin in the container thing so we can finish this and get to the point where we can have a design conversation.  we've been talking about it in snippets for 2 years, so i know it's not going to be short.  :)16:37
jeblairmnaser: no16:37
mnaserjeblair: ok cool, i'll stick to 5 reconfig changes at a time16:37
dmsimardSpamapS: I find the "Users in my org are very wary of OpenStack" argument quite unfortunate, having experienced it first hand with ARA16:39
dmsimardSpamapS: I've had folks tell me they wouldn't even try ara because of the openstack affiliation16:39
rcarrillocruzsame with Ansible engineering, lol16:39
electrofelixI wish more users in orgs I know were willing to add any tests at all, never mind the level of testing that openstack has...16:40
SpamapSdmsimard: the users in my org have had OpenStack for 4 years. They're about ready to start giving in to their 2nd system syndrome. :-/16:40
dmsimardSpamapS: where is that again? Godaddy?16:41
SpamapSdmsimard: aye16:41
SpamapSIMO we have a really great cloud. It's a little quirky... requiring unique server names, and limiting the name field to 15 chars.. also requiring AZ to be specified. But for the most part, it's fast, robust, and works quite well despite being stuck on Liberty.16:42
rcarrillocruzelectrofelix: that's kind of the argument I give 'ok, you don't like openstack cos you heard is hard, just private, whatever, but PLEASE look at just the CI, the tooling is AWESOME'16:42
jeblairSpamapS: i've got 2 things on my pre-3.0 list i can hand to you if you want: abstract job attribute / protected flag.  abstract is half-implemented here: https://review.openstack.org/50480916:42
electrofelixrcarrillocruz: ;-)16:42
SpamapSMost of what people don't like about it has to do with the restrictions placed on images (you have to ask really nice to be able to upload your own images and agree to update your images for security problems)16:42
dmsimardSpamapS: didn't godaddy close their openstack cloud ?16:42
clarkbdmsimard: only the public stuff aiui16:42
dmsimardohhhhh16:43
clarkbso you can't show up with a credit card anymore16:43
SpamapSyeah and the public one was... a bit misguided in some ways16:43
electrofelixjeblair: do you have time to chat about zuul supporting pushing back merge commits? not a 3.0 thing :D, but the more I can show things are more likely to be possible (or at least more sensible) on v3 instead of hacking on v2, the better chance I have to getting some time allocated to it16:43
SpamapSOddly enough, it was basically fronted by something very similar to mordred's oaktree16:44
SpamapSThey saw the ... challenges with supporting OpenStack's APIs. ;)16:44
SpamapSjeblair: Are those attributes already in spec somewhere? Not sure I remember reading about them.16:45
SpamapSelectrofelix: haha ... you did see jeblair's rebuke of our container bikeshedding right? ;-)16:46
jeblairSpamapS: they aren't -- they just came up in conversation here and in -infra as we found they were things that would be useful during the conversion16:46
SpamapSelectrofelix: You can tell your management it's never going to happen on v2. :)16:46
electrofelixSpamapS: my managements response would be "sure couldn't you just stick something in and land locally..."16:47
rcarrillocruzlol16:48
SpamapSelectrofelix: debt is only useful when it leads to significant returns. What is the benefit of doing that locally that its worth taking on local patch debt?16:48
electrofelixyou speak sense, you must not be in management :p16:48
SpamapSzuul pushing is something I want to see on the 3.1 list... but what I really want to see is lots of new names on the 3.0 authors list. :)16:49
SpamapSelectrofelix: they keep trying to pull me into that mess.. have been able to avoid it thus far... but .. every grey hair I get seems to be a beacon to management that "he's almost dead enough inside to be one of us!"16:49
electrofelixlol16:49
jeblairelectrofelix: you're talking about pushing zuul refs for workers to pull, right?  not pushing the result to the final branch. (which i'm guessing is what SpamapS is interpreting)16:50
SpamapSI thought we were talking about pushing the result.16:50
electrofelixjeblair: nope, this time it's about the push the result to the final branch, I'll have to circle back on zuulv3 -> jenkins fun later16:51
jeblairoh neat16:51
SpamapSjeblair: are there notes on protected/abstract I can view? (In the patch maybe? Haven't looked yet)16:51
jeblairelectrofelix: then yes, like SpamapS, i am in support of that after v3.016:51
*** nguyentrihai has quit IRC16:52
electrofelixjeblair: we're building docker images in the gate and trying to save and publish those in a post pipeline instead of rebuilding just in case something changed dependency wise between when the gate started and the change passed and triggered a post merge pipeline16:52
jeblairabstract flag (do not run this job) for base jobs that will be inherited from but not run16:52
jeblairprotected flag (inherit only within this project)16:52
jeblairSpamapS: ^ that's the entirety of my notes on the subject16:53
electrofelixbut that leads to some interesting git metadata being recorded unless we can push back the merge commit16:53
electrofelixI suspect the limitation on push back is: when enabling push back, any dependent changes within a given project must be merged on the same zuul executor so that they will have correct parents in their history should they also pass16:54
electrofelixIs that correct?16:55
electrofelixis there a story on that, at the very least if I can push management to see that there are enough things on the horizon that directly solve our issues, I might be able to get some time to just work on zuul in general16:56
jeblairelectrofelix: that does seem likely to be an issue.  so the solution will probably involve more than "just pushing".16:56
jeblairelectrofelix: i don't think much if any work on this has been done yet, so starting a spec or story would be a good idea16:56
SpamapSjeblair: fantastic, I can go with those notes. :)16:57
jeblairelectrofelix: i can say it's something we've long desired and we can engage on design and implementation after v3.0 release.  maybe after container design.  :)16:57
SpamapSI feel like that shouldn't be an issue. If you have the result of the merge that you tested, you should be able to just push that.16:58
electrofelixjeblair: ok, that's at least a starting point, and yes, it means likely keeping track of which merger (or is it called executor now?) node a project is associated with16:58
SpamapSI figured it was more of an access and interface issue. We might need to change zuul's access levels in Gerrit to be able to directly push vs. tell Gerrit to merge.16:59
jeblairSpamapS: i think electrofelix is saying that if zuul creates a merge commit for change A, and change B depends on A, different mergers would create different merge commits for A, so whichever merge commit for A ends up pushed to the source, *that specific commit* needs to be in the history for B in order to push B.16:59
jeblairelectrofelix: or it could mean ensuring all mergers can communicate with each other, and when merging B, first pull from the merger which handled A rather than repeating that merge17:00
jeblairincidentally, that's related to a solution SpamapS and i discussed for avoiding repeated mergers on executors17:00
electrofelixjeblair: yes, that would be more complex, but also less likely to risk a minor dos17:00
SpamapSYeah I see that, however, for the use case electrofelix and I have.. we only actually care that the sha is stable for the last thing that merges.17:00
jeblairso quite possibly the solution to both could be "let mergers and executors ssh to each other"17:00
jeblairSpamapS: right but i don't think you would be able to push B with the wrong parent17:01
SpamapSit would be fantastic to have all the artifacts.. and we maybe stretch ourselves to get that done some day.. but I'm good with only having the last one as a first step.17:01
jeblairthis probably warrants some testing with git to double check :)17:01
SpamapSjeblair: well right now, with a dependent meanager, we "click merge" in the order of landing, right?17:02
electrofelixhmm, I think for our use case we'd need to solve for gate queues of up to 5 changes in flight17:02
pabelangermuch backscroll17:02
jeblairSpamapS: yeah, that causes gerrit to create merge commits of its own if necessary.  they aren't the same ones that zuul creates.17:02
SpamapSSo we're basically just using gerrit as the way we communicate. We could very easily make the scheduler do that.. and basically say "hey scheduler I'm done and I want to push" and it can say "push it all" or "actually what you have already got pushed"17:04
jeblairSpamapS: it's fine to push a merge commit from zuul to gerrit.  but if you push a second commit on top of that (say because you had 2 changes in the gate simultaneously), that second commit has to have the same git parent as what is currently in the tree.17:04
SpamapSbut yeah17:04
SpamapS--> 3.117:04
SpamapSthis deserves a nice solid design.17:04
jeblairya.  we can probably stop here with "this is desirable, there are issues, let's talk about it later."  :)17:04
jeblair(i'm fairly certain it is doable though)17:05
electrofelixI think we might be willing to run with a POC in this area17:05
electrofelixand deal with changing it based on feedback and real world results17:06
electrofelixSpamapS jeblair: think the most scale-able solution would be to favour using the same merger for changes for the same project up a limit, and then switching to having a different merger get the latest tree from the first merger. Either would be good enough as a starting point for an initial pass17:17
dmsimardelectrofelix: we're able to keep up with the upstream gate with 3 mergers17:18
dmsimardelectrofelix: (as third party CI)17:19
dmsimardelectrofelix: the main problem is that they are "single threaded" so if you only have one merger and it's stuck in a rebase hell of 20 patchsets with different depends-on mixed in there, it's going to be busy for a while17:19
jeblairelectrofelix: i lean toward thinking we should just always have mergers fetch previous merges from other mergers since (a) gearman makes it hard to schedule things like that, (b) it can be used to solve the executor double-merge problem, and (c) you said we should do it anyway :)17:19
jeblairelectrofelix: but it's early days -- that's just my first instinct.  :)17:20
dmsimardiirc there's also code in zuul so that the merger doesn't needlessly merge everything if it's for a project it doesn't care about17:20
electrofelixjeblair: seems like a good starting point, the other step would be an optimization to keep down traffic for a really big set up (if someone was to run Zuul-as-a-Service for GitHub it might be relevant, but not critical)17:21
SpamapSYeah I like that plan for its efficiency win. I dislike it for its resiliency requirements17:22
electrofelixSpamapS: as in we should always have the resulting merge synced to some set of nodes to ensure any of them could perform the push back?17:23
SpamapSor push them into the source17:24
jeblairi'm not in favor of pushing temporary merges into the source -- they take up a lot of space quick and you have to think about how they might get propogated17:27
SpamapSZUUL_REF17:27
SpamapSerr17:27
SpamapSerrant enter press17:27
electrofelixSpamapS: Also I think that introduces a race unless you make sure the mergers wait until it's been pushed to a suitably hidden branch17:27
SpamapSZUUL_REF may yet have a place in mergers eh? :-P17:27
jeblairapparently so.  i haven't managed to complety exise it yet.  :|17:28
SpamapSI mean, it's still easier to say "all the mergers can talk to eachother" than it is to say "all the test nodes can talk to the mergers"17:28
jeblairyep17:29
SpamapSelectrofelix: the way around having this, btw, is to log your build artifact ID, and scrape it out of the log.17:29
SpamapSnot the prettiest thing, but it is doable.17:29
SpamapSyou can even just drop a single file in the logs dir that is the ID, so it's not parsing and stuff like that.17:30
electrofelixSpamapS: not sure I'm following? we currently override the metadata with some additional layers in the docker images added during the post merge phase to reference the correct git sha117:30
electrofelixbut it means we're chasing assumptions on what teams/people are doing with git metadata in their projects17:31
SpamapSelectrofelix: so you want to build a docker image in gate, and then in post, use that same exact set of bits, yes? The way you can do that is to have the gate make a UUID for the docker image, and put that somewhere that your post job can find by finding the change's last passing log.17:31
SpamapSand then your post job can tag the commit with the docker image ID and then people who pull the branch can fetch the docker image that was tested in the gate with that commit.17:32
electrofelixSpamapS: that's what we're doing, it's just that we end up needing to wrap the image with additional git metadata to override what teams stored in the LABEL and ENV, trying to spot when this is necessary seems to be a bit of a challenge17:32
rcarrillocruzso17:32
rcarrillocruzi just added the first network operating system VM to my zuul17:33
rcarrillocruzbeen playing with ovs on xenial up till now17:33
SpamapSelectrofelix: kk, so you have found the cracks in the workaround. ;)17:33
rcarrillocruzand i'm hitting what we were discussing yesterday17:33
rcarrillocruzhttp://paste.openstack.org/show/627125/17:33
rcarrillocruzon non-linux boxes, the implicit gather_facts fail17:33
rcarrillocruzas that assumes on the other end python17:34
electrofelixSpamapS: yeap, and would love to stop trying to paper over them :D17:34
rcarrillocruzalthough, wait, i think i'm hitting here a plain ssh17:34
rcarrillocruzprobably wrong user17:34
* rcarrillocruz pokes at logs for ansible_user17:35
rcarrillocruzyeah...so the appliance has 'vyos' user, i think the real issue here is the executor connects remotely against root17:36
pabelangerI think tobiash has a patch up to support that in nodepool?17:37
pabelangershouldn't be root however17:37
rcarrillocruzyeah, been keeping an eye on it17:38
rcarrillocruzit is for me, look at a fact when gathering facts on xenial17:39
rcarrillocruzAnsible output: b'        "ansible_user_id": "root",'17:39
rcarrillocruzoh well17:39
rcarrillocruzi have default_username as root on executor17:39
rcarrillocruzzuul.conf17:39
rcarrillocruzthat explains17:40
jeblairyep17:40
jeblairrcarrillocruz: http://git.openstack.org/cgit/openstack-infra/zuul/tree/zuul/executor/server.py?h=feature/zuulv3#n91017:40
rcarrillocruzso, as default username here is zuul, do i assume right that infra DIB images just create a 'zuul' user on xenial, fedora, etc with the proper zuul key on authorized_keys ?17:42
rcarrillocruzi use cloud-images for xenial17:42
pabelangerjeblair: is there anything else I should get together for https://review.openstack.org/521324/ ? Thanks to dmsimard for a more detailed explaination17:42
pabelangerrcarrillocruz: right17:43
pabelangerthe root user we now use glean to setup SSH keys on the nodes, but zuul user we still bake in info17:44
rcarrillocruzk, i tried to use DIB for xenial, but had all sorts of fun with glean. As my provider pool has multiple networks (for testing multiple NIC things on our modules), half of the time the images would not be reachable probably cos NIC getting booted in different order17:44
rcarrillocruzerm, the instances i meant17:45
rcarrillocruzsooo... i think i'll just create zuul user on both xenial and vyos, take snapshot, retry17:45
rcarrillocruzi really want to get to teh point of failing facts gatherinjg17:46
pabelanger++17:48
*** dmsimard is now known as dmsimard|afk17:53
*** jasondotstar has quit IRC17:57
EmilienMwhen defining a job layout with irrelevant-files, does irrelevant-files merge with the parent job layout?17:59
EmilienMor the latest wins?17:59
EmilienMnot sure my question is clear enough17:59
jeblairEmilienM: not really either -- irrelevant files causes that particular job variant to either match or not18:02
jeblairEmilienM: so you can't put irrelevant-files on a child job to cause the parent not to match18:03
jeblair(it would only cause the child not to match, but the parent still would)18:03
EmilienMjeblair: ok so child are checked first (from the youngest to the oldest)18:04
EmilienMbut each list is taken in account18:04
EmilienMso I can maintain a top level list for all jobs18:04
EmilienMand having childs having their own list18:04
EmilienMfor specifics18:05
EmilienMis that correct?18:05
rcarrillocruzhttp://paste.openstack.org/show/627128/18:07
rcarrillocruz /sad trombone18:07
jeblairEmilienM: probably -- if you want to mock up a quick etherpad example, i can confirm :)18:08
jeblairrcarrillocruz: yay!  successful failure!18:08
rcarrillocruzso yeah, i need to wait for tobiash change to land the ansible_connection change on https://review.openstack.org/#/c/501976/ , then push a patch to put a conditional, if no ssh then don't gather facts18:08
EmilienMjeblair: I'll show you a patch I'm doing18:08
rcarrillocruzlol, \o/ weee18:08
EmilienMshortly18:08
rcarrillocruzjeblair: does that sound as a good plan ^18:09
jeblairrcarrillocruz: yep.  you could probably hard-code some hacks in right now if you wanted to try to get a couple steps ahead :)18:10
rcarrillocruzyeah, feel like it :D18:10
*** jasondotstar has joined #zuul18:18
EmilienMjeblair: https://review.openstack.org/#/c/522321 is what I'm trying to achieve18:20
jeblairEmilienM: that's a long list -- are you sure 'files' wouldn't be better than 'irrelevant-files' ?18:22
EmilienMjeblair: I'm sure18:22
EmilienMjeblair: I spent all my morning thinking about it18:22
EmilienMand the list of files is too huge18:22
EmilienMjeblair: the list of irrelevant-files won't move every day18:23
EmilienMwhile 'files' will18:23
openstackgerritAndreas Jaeger proposed openstack-infra/zuul-jobs master: Fix wrong dir for doc/requirements.txt  https://review.openstack.org/52232718:23
jeblairEmilienM: okay, so to take tripleo-ci-centos-7-ovb-fakeha-caserver as an example18:24
EmilienMjeblair: my question for you is, rrelevant-files defined in the parent job will still work?18:24
jeblairEmilienM: since you're doing parent/child, what zuul will do is see whether tripleo-ci-centos-7-ovb-fakeha-caserver matches.  if it doesn't, the job won't run.  if it does, then it will try to find its parent, tripleo-ci-ovb.  if it doesn't match, the job won't run.  if it does, it will.18:25
EmilienMok18:25
jeblairEmilienM: i think you've found the one way to 'combine' irrelevant-files :)18:26
EmilienMjeblair: just to make sure, let's say I try to patch releasenotes and manifests/profile/base/aodh - can you confirm ovb job won't run?18:27
jeblairEmilienM: be careful though, if you were to add another variant of tripleo-ci-ovb (like for a stable branch or something), as long as any one matched the job would run.  so if you need to do that, you may need to duplicate the irrelevant-files setting (or, add another layer to the hierarchy)18:27
EmilienMmy guess is no, since manifests/profile/base/aodh is part of the child list and releasenote is part of the parent list18:27
EmilienMin fact, let's try that18:28
EmilienMso we're sure :)18:28
EmilienMhttps://review.openstack.org/52234218:29
EmilienMjeblair: ok it didn't work18:30
jeblairEmilienM: i'm not 100% sure without drawing a big diagram, but from the sound of it, i'm not sure your example will work18:30
EmilienMjeblair: it didn't work, ovb are still running now18:31
EmilienMjeblair: even if I patch a file part of the irrelevant_files18:32
jeblairEmilienM: because manifests/profile/base/aodh is not an irrelevant file for tripleo-ci-centos-7-ovb-fakeha-caserver, so it matches.  and releasenotes is not an irrelevant file for tripleo-ci-ovb, so it matches.18:32
EmilienMjeblair: I'm interested by tripleo-ci-centos-7-ovb-ha-oooq18:33
jeblairthat doesn't have any irrelevant files?18:33
EmilienMjeblair: wait so how can I maintain a list for all child jobs18:33
EmilienMjeblair: I want the irrelevant files list be in a parent job layout, for all OVB jos18:34
EmilienMjobs*18:34
openstackgerritMerged openstack-infra/zuul-jobs master: Set success-url for sphinx-docs to html  https://review.openstack.org/52201718:34
EmilienMso I don't maintain the same list 12 times18:34
jeblairEmilienM: releasenotes is not listed in irrelevant-files for triplo-ci-ovb, so it matches18:34
jeblairEmilienM: if you proposed a change with only the aodh profile file touched, it would not match and not run18:35
EmilienMjeblair: but it's defined in the parent18:35
EmilienMso the parent list isn't taken in account :(18:35
jeblairEmilienM: tripleo-ci-ovb is the paret18:35
EmilienMjeblair: tripleo-ci-ovb has a parent18:35
jeblairEmilienM: legacy-dsvm-base.  it has no irrelevant files, i hope.18:36
EmilienMjeblair: https://github.com/openstack-infra/tripleo-ci/blob/master/zuul.d/base.yaml#L88-L9618:36
EmilienMjeblair: it does :)18:36
jeblairEmilienM: that's tripleo-ci-dsvm, not legacy-dsvm-base18:36
jeblairEmilienM: from your patch: 22     parent: legacy-dsvm-base18:36
EmilienMoh18:37
EmilienMso I did a typo18:37
EmilienMI need to use tripleo-ci-dsvm18:37
EmilienMlet's try again18:37
EmilienMjeblair: still doesn't work, OVB jobs are running18:38
EmilienMhttps://review.openstack.org/#/c/522321/3/zuul.d/ovb-jobs.yaml18:38
openstackgerritMerged openstack-infra/zuul-jobs master: Only run whereto if htaccess file exists  https://review.openstack.org/52199618:39
jeblairEmilienM: what files are you touching in your test patch?18:39
EmilienMjeblair: https://review.openstack.org/#/c/522342/18:39
openstackgerritMerged openstack-infra/zuul-jobs master: Update fetch sphinx output to use sphinx vars  https://review.openstack.org/52159018:39
jeblairEmilienM: releasenotes matches tripleo-ci-ovb, and aodh matches the parent18:40
EmilienMjeblair: so we can't have inheritance on irrelevant files list18:41
EmilienMthat would have been cool18:41
EmilienManother option is to add the irrelevant_files from the parent into the child18:42
EmilienMbut it's duplicating things :(18:42
jeblairEmilienM: none of the matchers combine on inheritance, and irrelevant-files never does what you expect since it's backwards :|.  files behaves sort of like how you would expect though.18:42
jeblairEmilienM: yeah, i think that's the best solution18:42
EmilienMk18:42
*** mwhahaha has joined #zuul18:42
EmilienMjeblair: is what I'm asking a feature or something well known and by design?18:43
jeblair(basically, when you put two irrelevant-files sections together, the set of files that can trigger the job get bigger.  when you put two files sections together they get smaller)18:43
openstackgerritMerged openstack-infra/zuul-jobs master: Setup virtualenv for zuul-cloner  https://review.openstack.org/52214518:44
jeblairEmilienM: the way the matchers work in general is by design (it's an important part of how variants work).  but i don't think much thought went into how that affects irrelevant-files in particular.  i think we could consider special casing it, though i don't have any immediate ideas for how.18:46
EmilienMok18:48
EmilienMjeblair: I confirm it works now. Thanks18:55
openstackgerritMerged openstack-infra/zuul-jobs master: Fix wrong dir for doc/requirements.txt  https://review.openstack.org/52232718:56
*** jesusaur has quit IRC18:58
*** electrofelix has quit IRC19:19
*** jesusaur has joined #zuul19:20
rcarrillocruzjeblair: if i inherit a job, are nodesets additive? meaning , will the child nodeset nodes be added to the parent or replaced altogether ?19:56
jeblairrcarrillocruz: replaced20:15
rcarrillocruzThx20:16
*** jkilpatr has quit IRC20:37
*** jkilpatr has joined #zuul21:14
*** threestrands has joined #zuul21:45
*** threestrands has joined #zuul21:45
rcarrillocruzhttps://github.com/rcarrillocruz-org/ansible-fork/pull/822:39
rcarrillocruzWOOTZ22:39
rcarrillocruzfirst network operating getting test suite on zuul v3!22:39
pabelangerrcarrillocruz: \o/22:45
*** hasharAway has quit IRC22:45
rcarrillocruzs/getting/running22:45
rcarrillocruzsuper hackish22:46
rcarrillocruzhad noop the gather facts implicit role22:46
rcarrillocruzand bake the key on the bastions22:46
jeblairrcarrillocruz: but we have an idea of what we need to do so that's great!22:48
jeblairrcarrillocruz: i will celebrate your success by eating a large turkey22:48
rcarrillocruz++ , enjoy thanksgiving :P22:49
« Tuesday, 2017-11-21 Index Thursday, 2017-11-23 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!